


Insights from EBA’s Guidance on ESG Risk Management

Written by Sheta Goswami, Consultant. 


The EBA’s Draft Guidelines on ESG Risk Management, published on 18 January 2024, provide detailed guidance for financial institutions on handling ESG risks within short (under 3 years), medium (3-5 years) and long-term (over 10 years) frameworks, with completion targeted for the end of 2024. These guidelines advocate for the incorporation of ESG risk considerations into the standard risk management practices of financial institutions, detailing specific metrics and standards, such as their inclusion in ICAAP and ILAAP, affecting the pricing, gathering and analysis of ESG data. Highlighting the complexity and potential cost, especially for smaller institutions, the guidelines also emphasize the opportunity for institutions to enhance their ESG risk assessment and data insight capabilities.

Below, we outline the key compliance requirements for banks regarding ESG risk management and offer strategies for institutions struggling to prioritize and effectively manage ESG risks.

Navigating ESG Risk Management: A Comprehensive Guide

In the evolving landscape of finance, Environmental, Social, and Governance (ESG) risks have emerged as pivotal factors influencing the financial performance and operational resilience of institutions. This guide delves into the intricacies of ESG risk management, offering a pathway for institutions to navigate these challenges while aligning with regulatory standards and societal expectations.

The Imperative of ESG Risks

ESG risks, encompassing environmental, social, and governance factors, increasingly bear significant implications for financial institutions. From climate change and resource depletion to human rights and corporate ethics, these factors affect long-term sustainability and can lead to considerable financial losses if not managed. Understanding and integrating ESG risks into strategic frameworks is crucial for sustainable growth and regulatory compliance.

The European Banking Authority (EBA) plays a pivotal role in setting guidelines for managing ESG risks within the EU's banking sector, aiming to enhance its resilience and integrate ESG factors into business strategies. The forthcoming guidelines, expected by the end of 2024, will establish a comprehensive framework for financial institutions, promoting a uniform approach across member states.

Given the comprehensive detail that the new guidelines provide on ESG data and monitoring, our discussion will primarily focus on these aspects. While we will also touch on critical areas including proportionality, materiality, principles of ESG risk management, ICAAP, ILAAP, strategies and business models, internal culture and controls, these topics will be covered in a more concise manner.


The principle of proportionality applies to how institutions manage and govern ESG risk internally. All institutions are expected to adopt ESG risk management practices that align with the significance of ESG risks to their specific business models. For smaller and less complex institutions (SNCIs), it is acceptable to employ simpler risk management strategies. This might include using methodologies that are less detailed, or leaning more heavily on qualitative assessments, estimates, and proxies, provided these approaches do not compromise their capacity to manage ESG risks effectively and prudently and remain consistent with their evaluation of risk materiality.

A Methodical Approach to ESG Risk

Materiality Assessment of ESG Risks

  • Objective: Regular assessment to integrate ESG risks into strategies and procedures.
  • Frequency: Annually, or every two years for small and non-complex institutions, and when significant changes occur.
  • Scope: Assessment includes all financial risk categories (credit, market, operational, etc.).
  • Process: Institution-specific, considering short (<3 years), medium (3-5 years), and long-term (>=10 years) horizons.
  • Factors: Includes qualitative and quantitative elements, impact on significant activities, and both transition and physical environmental risks.
  • Risk-Based Approach: Considers likelihood and severity of risk materialization.
  • Focus on Carbon Intensive sectors: Sectors highly impacted by transition risk.
  • Documentation: Part of ICAAP, detailing methodologies, inputs, limits/thresholds, outcomes, and conclusions/actions drawn.

Identification and Measurement of ESG Risks

  • Data Processes: Collection, structuring, and analysis of data for ESG risk assessment.
  • Engagement: Interacting with clients to capture ESG-related information, e.g. designing questionnaires during credit origination/periodic reviews.
  • Assessment Principles: Identifying ESG risk drivers, mapping exposures, and measuring material risks with a forward-looking perspective.
  • Methodologies: Combining exposure-based, portfolio-based, and scenario-based methods for comprehensive assessment.
  • Exposure-Based Methodology: Assessing counterparty exposure to ESG factors, reflecting these in risk classification and default risk assessment.
  • Portfolio-Based Methodology: Using climate-related portfolio alignment methodologies, identifying natural capital dependencies, and measuring impacts on Sustainable Development Goals.
  • Scenario-Based Methodology: Institutions should perform climate/environmental scenario-based analyses, as set out in [to insert reference to future EBA Guidelines addressing letter d of the mandate under article 87a(5) of the CRD]


ESG Data

Institutions are required to gather and assess the necessary data and information, aiming to enhance the quality of ESG data progressively. This entails collecting both current and forward-looking data points, including data at the client level (for instance, through questionnaires completed at the initiation of credit and during periodic credit reviews), as well as publicly available data specific to clients and, where applicable, data related to assets.

For engagements with large corporate entities, a minimum of nine specific data types concerning environmental risks should be considered. These include both current and projected greenhouse gas emissions, along with energy and water usage, among others. Regarding social and governance risks, institutions should account for at least five types of data, covering aspects like adverse effects on local communities and governance practices.

Overview - Standards for management of ESG risks

ESG Risks Management Principles

  • ESG risks should be integrated in the institution-wide risk management framework, influencing all categories of financial risks.
  • Regular risk management systems should fully incorporate ESG risks, aligning with the overall business and risk strategies.
  • Institutions need a robust approach to manage ESG risks across short to long-term horizons, utilizing tools such as engagement with counterparties, financial adjustments based on ESG considerations, and diversification strategies.

Strategies and Business Models

  • ESG risks must be considered in the development and implementation of business and risk strategies.
  • Institutions should assess how ESG risks, especially environmental factors like transition and physical risks, impact the business model's viability.
  • Strategies should reflect an understanding of ESG risks, with objectives and KPIs to monitor ESG impact.


  • Material ESG risks should be defined and addressed within the institution's risk appetite framework.
  • ESG-related KRIs that set limits, thresholds or exclusions should be implemented based on ESG considerations.
  • Risk appetite and KRIs should be communicated and monitored across the institution.

Internal culture & capabilities

  • Continuous development of ESG risk identification, assessment, and monitoring capabilities.
  • Training for management and staff on ESG implications, ensuring responsibilities are effectively fulfilled.
  • Incorporation of ESG risks into the institution's risk culture and internal control frameworks, including clear definitions and assignments of responsibilities.


  • Integration of ESG risks into the Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP) to cover potential solvency or liquidity impacts.
  • Description of risk appetite, thresholds, and limits for ESG risks in ICAAP and ILAAP frameworks, with methodologies reflecting the institution's size and complexity.

Monitoring ESG risks

  • Effective internal reporting frameworks for continuous ESG risk monitoring, providing senior management with relevant data.
  • Implementation of ESG risk metrics and indicators for oversight, including historical losses, exposure to high carbon sectors, and progress against ESG targets.


ESG Monitoring

ESG risks require ongoing monitoring – both at the portfolio level and down to individual counterparty and exposure levels. The integration of ESG risk considerations into the routine credit assessments for mid-sized and larger counterparties should be standard, possibly by enhancing the depth and frequency of these assessments with a focus on ESG risk.

Institutions ought to establish early warning signals, define limits/thresholds and prepare action plans for remediation if the limits are breached.

Given the comprehensive nature of the requirements, institutions are advised to employ at least the following indicators for tackling ESG risks, with small and non-complex institutions (SNCIs) being encouraged to consider their application:

  1. Historical and Future ESG Risk Analyses: Assess historical losses and forward-looking estimates of exposures-at-risk and financial losses related to ESG risks, utilizing scenario-based methods.
  2. Income from High Climate Impact Sectors: Calculate the amount and share of income derived from sectors significantly contributing to climate change, with large institutions adopting more detailed metrics.
  3. Portfolio Climate Alignment: Evaluate the alignment of existing portfolios with climate targets, aiming for net-zero GHG emissions by 2050, using specified portfolio alignment methods.
  4. Scope 3 Emissions: Account for financed GHG emissions, especially in materially exposed sectors, employing recognized methodologies like the Global GHG Accounting and Reporting Standard.
  5. Engagement on ESG risks: Document the percentage of counterparties engaged on ESG risks, focusing on sectors with material exposures, and report the outcomes of such engagements.
  6. Sustainable vs Carbon-Intensive Exposures: Monitor the share of environmentally sustainable and carbon-intensive exposures, using clear methodologies, with large institutions also tracking Taxonomy-aligned exposures.
  7. Real Estate Collateral Energy Efficiency: Classify real estate collateralized portfolios by energy efficiency levels.
  8. Physical Risk Concentration: Analyze concentration risks related to physical risk drivers (e.g., flood or wildfire risks) with a detailed geographical exposure breakdown.
  9. ESG-Related Litigation: Track any ESG-related litigation claims involving the institution, based on available information.
  10. Progress on ESG Targets: Report on progress towards the institution’s ESG risk management and objectives, including sustainability commitments.

Principles for Effective Management

ESG risks necessitate consideration across all aspects of business and risk strategies, requiring institutions to adopt a robust approach that includes engagement with counterparties, financial adjustments based on ESG considerations, and diversification strategies. Setting ESG-related KRIs, monitoring risk appetite, and continuously developing ESG risk assessment capabilities are essential for managing these risks effectively.

Towards a Sustainable Future

The guidelines emphasize the importance of aligning ESG plans with business strategies, public communications, and ensuring coherence across all planning horizons, with a clear focus on environmental aspects while gradually including social and governance risks. The guidelines aim to standardize the approach to ESG risk management, reflecting the sector's impacts on climate change and the broader push towards sustainability.

By adhering to these guidelines, institutions can not only mitigate the risks associated with ESG factors but also capitalize on the opportunities they present, paving the way for a more resilient and sustainable financial sector.

Strategy Roadmap

Navigating the complex landscape of ESG risk management and data collection can be daunting, especially when immediate action is required alongside a deep understanding of relevant risks and data points. A structured approach to tackling this challenge could involve the following steps:



This phased approach ensures a solid foundation in ESG risk management, from which more advanced strategies and goals can be developed as part of a continuous improvement process.

In a few words, the EBA’s CRD VI guidelines mark a pivotal shift towards embedding ESG risks within the risk management strategies of financial institutions. By standardizing ESG risk management, these guidelines align with global sustainability goals and equip the banking sector for a sustainable future. For financial institutions, this presents both challenges and opportunities to innovate and contribute significantly to the global transition towards sustainability. As consultants, we view these guidelines as essential for helping our clients navigate these rapidly evolving regulatory and market landscapes.